package com.demo.app.service;


import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;

@Component("rbacService")
public class MyRBACService {

  public boolean hasPermission(HttpServletRequest request, Authentication authentication){
    Object principal = authentication.getPrincipal();

    if(principal instanceof UserDetails){
      UserDetails userDetails = ((UserDetails)principal);

      //"/syslog"
      //本次要访问的资源
      SimpleGrantedAuthority SimpleGrantedAuthority
              = new SimpleGrantedAuthority(request.getRequestURI());


      return userDetails.getAuthorities().contains(SimpleGrantedAuthority);
    }

    return false;
  }
}
